Php Restler 3.0基本身份验证
我正在试用Restler为我的新项目构建web api。
其中一个要求是简单的身份验证。
我在SO上找到了一个很好的例子,但它是针对Restler 2的。 使用manual,我成功地将该类转换为Restler 3.0
<?php
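/**
 * HTTP Basic authentication for Restler 3 with a simple role check.
 *
 * The role is chosen from the submitted password alone; the username is
 * required to be present but is never consulted. Basic credentials are only
 * base64-encoded on the wire, so this scheme depends on HTTPS.
 */
class BasicAuthentication implements iAuthenticate
{
    const REALM = 'Restricted API';
    public static $currentUser;
    public static $requires = 'user';
    public static $role = 'user';

    /**
     * Decides whether the current request may proceed.
     *
     * @return bool true when the resolved role satisfies static::$requires
     *              (an 'admin' role always does), false for an unknown password
     *
     * @throws RestException 401 when the request carries no Basic credentials
     */
    public function __isAllowed()
    {
        if (isset($_SERVER['PHP_AUTH_USER']) && isset($_SERVER['PHP_AUTH_PW'])) {
            // The password is compared exactly as received. No SQL is built
            // here, so mysql_real_escape_string() had no purpose: it needs an
            // open MySQL link, no longer exists in PHP 7+, and it altered the
            // secret before the comparison.
            $pass = $_SERVER['PHP_AUTH_PW'];

            // Sample password => role table from the post. Outside a demo,
            // keep credentials out of source and verify them against stored
            // password_hash() output with password_verify().
            $roles = array('12345' => 'user', '67890' => 'admin');
            if (!array_key_exists($pass, $roles)) {
                return false;
            }

            static::$role = $roles[$pass];
            // NOTE(review): this callback names a class AccessControl that is
            // not defined in this listing, while verifyAccess() lives on this
            // class - confirm which class is meant.
            Resources::$accessControlFunction = 'AccessControl::verifyAccess';

            // Strict comparison so a non-string value can never equal a role name.
            return static::$requires === static::$role || static::$role === 'admin';
        }

        header('WWW-Authenticate: Basic realm="' . self::REALM . '"');
        throw new RestException(401, 'Basic Authentication Required');
    }

    /**
     * Access-control callback: checks the current role against the `requires`
     * property found in the metadata passed in.
     *
     * @access private
     *
     * @param array $m metadata; only $m['class']['AccessControl']['properties']['requires'] is read
     *
     * @return bool true when no requirement is present, or when the current
     *              role is 'admin' or equals the requirement
     */
    public static function verifyAccess(array $m)
    {
        $requires = isset($m['class']['AccessControl']['properties']['requires'])
            ? $m['class']['AccessControl']['properties']['requires']
            : false;

        if (!$requires) {
            return true;
        }

        return static::$role === 'admin' || static::$role === $requires;
    }
}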
?>
如何将两者结合起来?
我不知道为什么,但我必须在我的 BasicAuthentication 类中实现 iUseAuthentication。(文档中没有关于它的内容,可能是因为这是RC版本,文档和示例都已修改)。这样一切都开始工作了。
我还修改了htaccess,如下所示:
<?php
class Api
{
    /**
    * @url GET
    * @url GET hello
    * @url GET hello/{to}
    */
    public function hello($to = 'world')
    {
        // No @access tag on this method, unlike user() and admin() below.
        // $to is echoed back unchanged; presumably it is bound from the {to}
        // segment of the route above.
        $greeting = "Hello {$to}!";

        return $greeting;
    }

    /**
    * @access protected
    * @class AccessControl {@requires user}
    */
    public function user()
    {
        // The role requirement is carried entirely by the annotation above.
        return 'protected api, only user and admin can access';
    }

    /**
    * @access protected
    * @class AccessControl {@requires admin}
    */
    public function admin()
    {
        // The role requirement is carried entirely by the annotation above.
        return 'protected api, only admin can access';
    }
}
# Front-controller setup: route requests to index.php and expose the
# Authorization header to PHP.
# Turn off MultiViews content negotiation for this directory.
Options -MultiViews
DirectoryIndex index.php
<IfModule mod_rewrite.c>
RewriteEngine On
# A request for the directory itself goes to the front controller.
RewriteRule ^$ index.php [QSA,L]
# Any path that is not an existing file or directory goes there too.
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^(.*)$ index.php [QSA,L]
# Copy the Authorization request header into the HTTP_AUTHORIZATION
# environment variable; the "-" substitution leaves the URL unchanged.
RewriteRule .* - [env=HTTP_AUTHORIZATION:%{HTTP:Authorization},last]
</IfModule>
<IfModule mod_php5.c>
# Keep PHP error output out of responses. This block only takes effect when
# PHP 5 runs as an Apache module; under php-cgi or another PHP module it is
# skipped, so display_errors then has to be set elsewhere.
php_flag display_errors Off
</IfModule>
Options -MultiViews
DirectoryIndex index.php
RewriteEngine On
RewriteRule ^$ index.php [QSA,L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^(.*)$ index.php [QSA,L]
RewriteRule .* - [env=HTTP_AUTHORIZATION:%{HTTP:Authorization},last]
php_flag display_errors Off
希望这对某人有帮助:)
编辑:我已经找到了我的代码,我把它发布在这里,也许有人会发现它有用
<?php
use \Luracast\Restler\iAuthenticate;
use \Luracast\Restler\Resources;
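/**
 * HTTP Basic authentication for Restler 3 with a simple role check,
 * including a workaround for Apache + php-cgi setups where PHP does not
 * populate PHP_AUTH_USER / PHP_AUTH_PW itself.
 *
 * The role is chosen from the submitted password alone; the username is
 * required to be present but is never consulted. Basic credentials are only
 * base64-encoded on the wire, so this scheme depends on HTTPS.
 */
class BasicAuthentication implements iAuthenticate
{
    const REALM = 'Restricted API';
    public static $requires = 'user';
    public static $role = 'user';

    /**
     * Decides whether the current request may proceed.
     *
     * @return bool true when the resolved role satisfies static::$requires
     *              (an 'admin' role always does), false for an unknown password
     *
     * @throws RestException 401 when the request carries no usable Basic credentials
     */
    public function __isAllowed()
    {
        // Apache + php-cgi workaround: rebuild PHP_AUTH_* from the raw header.
        // The REDIRECT_ variant covers the case where Apache renamed the
        // variable; it is read second, so it wins when both are present.
        foreach (array('HTTP_AUTHORIZATION', 'REDIRECT_HTTP_AUTHORIZATION') as $serverKey) {
            if (!isset($_SERVER[$serverKey])
                || !preg_match('/^Basic\s+(.*)$/i', $_SERVER[$serverKey], $matches)
            ) {
                continue;
            }

            // Strict decoding rejects input that is not valid base64, and a
            // payload without ':' is not a user:password pair at all.
            $decoded = base64_decode(trim($matches[1]), true);
            if ($decoded === false || strpos($decoded, ':') === false) {
                continue;
            }

            // Limit of 2: only the first ':' separates user and password, so
            // a password containing ':' is kept whole.
            list($name, $password) = explode(':', $decoded, 2);

            // Stored exactly as sent. strip_tags() would let several distinct
            // inputs collapse onto the same secret (e.g. markup wrapped
            // around a valid password).
            $_SERVER['PHP_AUTH_USER'] = $name;
            $_SERVER['PHP_AUTH_PW'] = $password;
        }

        if (isset($_SERVER['PHP_AUTH_USER']) && isset($_SERVER['PHP_AUTH_PW'])) {
            $pass = $_SERVER['PHP_AUTH_PW'];

            // Sample password => role table from the post. Outside a demo,
            // keep credentials out of source and verify them against stored
            // password_hash() output with password_verify().
            $roles = array('12345' => 'user', '67890' => 'admin');
            if (!array_key_exists($pass, $roles)) {
                return false;
            }

            static::$role = $roles[$pass];
            Resources::$accessControlFunction = 'BasicAuthentication::verifyAccess';

            // No trace of the decision is appended to a file: a relative path
            // such as a.txt can resolve inside the document root and grows on
            // every request. Use the server's logging if a trace is needed.
            // Strict comparison so a non-string value can never equal a role name.
            return static::$requires === static::$role || static::$role === 'admin';
        }

        header('WWW-Authenticate: Basic realm="' . self::REALM . '"');
        throw new RestException(401, 'Basic Authentication Required');
    }

    /**
     * Access-control callback: checks the current role against the `requires`
     * property found in the metadata passed in.
     *
     * @access private
     *
     * @param array $m metadata; only $m['class']['BasicAuthentication']['properties']['requires'] is read
     *
     * @return bool true when no requirement is present, or when the current
     *              role is 'admin' or equals the requirement
     */
    public static function verifyAccess(array $m)
    {
        $requires = isset($m['class']['BasicAuthentication']['properties']['requires'])
            ? $m['class']['BasicAuthentication']['properties']['requires']
            : false;

        if (!$requires) {
            return true;
        }

        return static::$role === 'admin' || static::$role === $requires;
    }
}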
?>
@Misiiu 在这一行中:class BasicAuthentication implements iAuthenticate,这里是否必须改用 iUseAuthentication,而不是 iAuthenticate?
@ZeeshanJan 我已经编辑了我的答案。我已经发布了我的 BasicAuthentication 类和实现 iUseAuthentication 的示例 API 类。您所要做的就是在创建Restler实例时添加 $r->addAuthenticationClass('BasicAuthentication');。希望这有帮助!:)
# Minimal form of the workaround: copy the Authorization request header into
# the HTTP_AUTHORIZATION environment variable so PHP can read it. The "-"
# substitution leaves the requested URL unchanged.
RewriteEngine on
RewriteRule .* - [env=HTTP_AUTHORIZATION:%{HTTP:Authorization},last]
# Front-controller setup: route requests to index.php and expose the
# Authorization header to PHP.
# Turn off MultiViews content negotiation for this directory.
Options -MultiViews
DirectoryIndex index.php
<IfModule mod_rewrite.c>
RewriteEngine On
# A request for the directory itself goes to the front controller.
RewriteRule ^$ index.php [QSA,L]
# Any path that is not an existing file or directory goes there too.
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^(.*)$ index.php [QSA,L]
# Copy the Authorization request header into the HTTP_AUTHORIZATION
# environment variable; the "-" substitution leaves the URL unchanged.
RewriteRule .* - [env=HTTP_AUTHORIZATION:%{HTTP:Authorization},last]
</IfModule>
<IfModule mod_php5.c>
# Keep PHP error output out of responses. This block only takes effect when
# PHP 5 runs as an Apache module; under php-cgi or another PHP module it is
# skipped, so display_errors then has to be set elsewhere.
php_flag display_errors Off
</IfModule>
<?php
use \Luracast\Restler\iAuthenticate;
use \Luracast\Restler\Resources;
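/**
 * HTTP Basic authentication for Restler 3 with a simple role check,
 * including a workaround for Apache + php-cgi setups where PHP does not
 * populate PHP_AUTH_USER / PHP_AUTH_PW itself.
 *
 * The role is chosen from the submitted password alone; the username is
 * required to be present but is never consulted. Basic credentials are only
 * base64-encoded on the wire, so this scheme depends on HTTPS.
 */
class BasicAuthentication implements iAuthenticate
{
    const REALM = 'Restricted API';
    public static $requires = 'user';
    public static $role = 'user';

    /**
     * Decides whether the current request may proceed.
     *
     * @return bool true when the resolved role satisfies static::$requires
     *              (an 'admin' role always does), false for an unknown password
     *
     * @throws RestException 401 when the request carries no usable Basic credentials
     */
    public function __isAllowed()
    {
        // Apache + php-cgi workaround. The REDIRECT_ variant covers the case
        // where Apache renamed the variable; it is imported second, so it
        // wins when both are present.
        self::importAuthorizationHeader('HTTP_AUTHORIZATION');
        self::importAuthorizationHeader('REDIRECT_HTTP_AUTHORIZATION');

        if (!isset($_SERVER['PHP_AUTH_USER']) || !isset($_SERVER['PHP_AUTH_PW'])) {
            header('WWW-Authenticate: Basic realm="' . self::REALM . '"');
            throw new RestException(401, 'Basic Authentication Required');
        }

        $pass = $_SERVER['PHP_AUTH_PW'];

        // Sample password => role table from the post. Outside a demo, keep
        // credentials out of source and verify them against stored
        // password_hash() output with password_verify().
        $roles = array('12345' => 'user', '67890' => 'admin');
        if (!array_key_exists($pass, $roles)) {
            return false;
        }

        static::$role = $roles[$pass];
        Resources::$accessControlFunction = 'BasicAuthentication::verifyAccess';

        // No trace of the decision is appended to a file: a relative path
        // such as a.txt can resolve inside the document root and grows on
        // every request. Use the server's logging if a trace is needed.
        // Strict comparison so a non-string value can never equal a role name.
        return static::$requires === static::$role || static::$role === 'admin';
    }

    /**
     * Rebuilds PHP_AUTH_USER / PHP_AUTH_PW from one raw Authorization value
     * in $_SERVER, leaving both untouched when the value is absent or is not
     * a well-formed Basic credential.
     *
     * @param string $serverKey name of the $_SERVER entry to read
     *
     * @return void
     */
    private static function importAuthorizationHeader($serverKey)
    {
        if (!isset($_SERVER[$serverKey])
            || !preg_match('/^Basic\s+(.*)$/i', $_SERVER[$serverKey], $matches)
        ) {
            return;
        }

        // Strict decoding rejects input that is not valid base64, and a
        // payload without ':' is not a user:password pair at all.
        $decoded = base64_decode(trim($matches[1]), true);
        if ($decoded === false || strpos($decoded, ':') === false) {
            return;
        }

        // Limit of 2: only the first ':' separates user and password, so a
        // password containing ':' is kept whole.
        list($name, $password) = explode(':', $decoded, 2);

        // Stored exactly as sent. strip_tags() would let several distinct
        // inputs collapse onto the same secret (e.g. markup wrapped around a
        // valid password).
        $_SERVER['PHP_AUTH_USER'] = $name;
        $_SERVER['PHP_AUTH_PW'] = $password;
    }

    /**
     * Access-control callback: checks the current role against the `requires`
     * property found in the metadata passed in.
     *
     * @access private
     *
     * @param array $m metadata; only $m['class']['BasicAuthentication']['properties']['requires'] is read
     *
     * @return bool true when no requirement is present, or when the current
     *              role is 'admin' or equals the requirement
     */
    public static function verifyAccess(array $m)
    {
        $requires = isset($m['class']['BasicAuthentication']['properties']['requires'])
            ? $m['class']['BasicAuthentication']['properties']['requires']
            : false;

        if (!$requires) {
            return true;
        }

        return static::$role === 'admin' || static::$role === $requires;
    }
}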
?>
<?php
class Api implements iUseAuthentication
{
    // Last authentication status handed to this object; the methods in this
    // listing store it but never read it back.
    private $_authenticated = false;

    /**
     * Receives the authentication outcome before filter or API methods run,
     * so the class can react to it.
     *
     * @param bool $isAuthenticated true once authentication has succeeded,
     *                              false otherwise
     *
     * @return void
     */
    public function __setAuthenticationStatus($isAuthenticated = false)
    {
        $this->_authenticated = $isAuthenticated;
    }

    /**
    * @access protected
    * @class BasicAuthentication {@requires user}
    */
    public function user()
    {
        // The role requirement is carried entirely by the annotation above.
        return 'protected api, only user and admin can access';
    }

    /**
    * @access protected
    * @class BasicAuthentication {@requires admin}
    */
    public function admin()
    {
        // The role requirement is carried entirely by the annotation above.
        return 'protected api, only admin can access';
    }
}
?>